Diffstat (limited to 'includes/AjaxDispatcher.php')
-rw-r--r-- | includes/AjaxDispatcher.php | 25 |
1 files changed, 16 insertions, 9 deletions
diff --git a/includes/AjaxDispatcher.php b/includes/AjaxDispatcher.php index c9ca1283..9bc92be9 100644 --- a/includes/AjaxDispatcher.php +++ b/includes/AjaxDispatcher.php @@ -48,14 +48,21 @@ class AjaxDispatcher { private $args; /** + * @var Config + */ + private $config; + + /** * Load up our object with user supplied data */ - function __construct() { + function __construct( Config $config ) { wfProfileIn( __METHOD__ ); + $this->config = $config; + $this->mode = ""; - if ( ! empty( $_GET["rs"] ) ) { + if ( !empty( $_GET["rs"] ) ) { $this->mode = "get"; } @@ -66,7 +73,7 @@ class AjaxDispatcher { switch ( $this->mode ) { case 'get': $this->func_name = isset( $_GET["rs"] ) ? $_GET["rs"] : ''; - if ( ! empty( $_GET["rsargs"] ) ) { + if ( !empty( $_GET["rsargs"] ) ) { $this->args = $_GET["rsargs"]; } else { $this->args = array(); @@ -74,7 +81,7 @@ class AjaxDispatcher { break; case 'post': $this->func_name = isset( $_POST["rs"] ) ? $_POST["rs"] : ''; - if ( ! empty( $_POST["rsargs"] ) ) { + if ( !empty( $_POST["rsargs"] ) ) { $this->args = $_POST["rsargs"]; } else { $this->args = array(); @@ -95,17 +102,17 @@ class AjaxDispatcher { * BEWARE! Data are passed as they have been supplied by the user, * they should be carefully handled in the function processing the * request. + * + * @param User $user */ - function performAction() { - global $wgAjaxExportList, $wgUser; - + function performAction( User $user ) { if ( empty( $this->mode ) ) { return; } wfProfileIn( __METHOD__ ); - if ( ! in_array( $this->func_name, $wgAjaxExportList ) ) { + if ( !in_array( $this->func_name, $this->config->get( 'AjaxExportList' ) ) ) { wfDebug( __METHOD__ . ' Bad Request for unknown function ' . $this->func_name . "\n" ); wfHttpError( 
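Review bot: The constructor docblock in the first hunk still reads only "Load up our object with user supplied data" and does not mention the new required argument. Add `@param Config $config Configuration that supplies the 'AjaxExportList' allow-list` above `function __construct( Config $config )`. The later `performAction` hunk shows the config feeding the allow-list check, so the doc should say that this object decides which functions a request may reach. The constructor body continues outside the hunk.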
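Review bot: The allow-list check on the new `in_array( $this->func_name, $this->config->get( 'AjaxExportList' ) )` line in `performAction` still compares loosely. `func_name` is copied straight from `$_GET["rs"]` or `$_POST["rs"]`, which PHP can deliver as an array as well as a string. Because this comparison gates which exported function the request may name, pass the strict flag: `if ( !in_array( $this->func_name, $this->config->get( 'AjaxExportList' ), true ) ) {`. The rejection branch also concatenates `$this->func_name` into the debug log and the error text, so a short comment there noting that the value is unvalidated user input would help. The body of `performAction` continues outside the hunk.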
@@ -113,7 +120,7 @@ class AjaxDispatcher { 'Bad Request', "unknown function " . $this->func_name ); - } elseif ( !User::isEveryoneAllowed( 'read' ) && !$wgUser->isAllowed( 'read' ) ) { + } elseif ( !User::isEveryoneAllowed( 'read' ) && !$user->isAllowed( 'read' ) ) { wfHttpError( 403, 'Forbidden', |
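Review bot: The read-permission check `!$user->isAllowed( 'read' )` now depends on whichever `User` the caller passes in, and the `@param User $user` line added in the previous hunk has no description. State the contract in the docblock, for example `@param User $user User making the request; their 'read' right is checked before the function is called`. The call sites are not part of this diff, so it cannot be confirmed from here that each one passes the requesting user rather than some other instance. The `elseif` chain continues outside the hunk.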